Author: Brian Carnell

Anatoxin-a, also known as Very Fast Death Factor (VFDF), is a secondary, bicyclic amine alkaloid and cyanotoxin with acute neurotoxicity. It was first discovered in the early 1960s in Canada, and was isolated in 1972. The toxin is produced by seven different genera of cyanobacteria and has been reported in North America, Europe, Africa, Asia, and New Zealand. Symptoms of anatoxin exposure include loss of coordination, muscular fasciculations, convulsions and death by respiratory paralysis. Its mode of action is through the nicotinic acetylcholine receptor (nAchR) where it acts as an agonist of acetylcholine. As such, anatoxin-a has been used for medicinal purposes to investigate diseases characterized by low acetylcholine levels. Due to its high toxicity and potential presence in drinking water, anatoxin-a poses a threat to animals, including humans.

. . .

Despite the relatively low frequency of anatoxin-a relative to other cyanotoxins, its high toxicity (the lethal dose is not known for humans, but is estimated to be less than 5 mg for an adult male) means that it is still considered a serious threat to terrestrial and aquatic organisms, most significantly to livestock and to humans. Anatoxin-a is suspected to have been involved in the death of at least one person. The threat posed by anatoxin-a and other cyanotoxins is increasing as both fertilizer runoff, leading to eutrophication in lakes and rivers, and higher global temperatures contribute to a greater frequency and prevalence of cyanobacterial blooms.

In addition to overestimating benefits, advice almost always ignores the cost of user effort. The incremental cost of forcing users to choose an 8-character strong password, as opposed to allowing a 6-digit PIN, is hard to measure, but is certainly not zero. And ignoring it leads to a failure to understand the rational and predictable nature of user response.

There are about 180 million online adults in the US. At twice the US minimum wage one hour of user time is then worth $7.25×2×180e6 = $2.6 billion. A minute of user time per day is a $7.25 × 2 × 180e6 × 365/60 = $15.9 billion per year proposition. This places things in an entirely new light. We suggest that the main reason security advice is ignored is that it makes an enormous miscalculation: it treats as free a resource that is actually worth $2.6 billion an hour. It’s not uncommon to regard users as lazy or reluctant. A better understanding of the situation might ensue if we viewed the user as a professional who bills at $2.6 billion per hour, and whose time is far too valuable to be wasted on unnecessary detail. Echoing Adams and Sasse [21] we might say: the user is your boss’s boss’s boss. This would help ensure that we ask for a minute of user time (the boss’s) only when absolutely necessary.